| 745d2c98f9467f1befb7ec3a6c485333d4f1b437 |
|
13-Apr-2018 |
Dmitry Dementyev <dementyev@google.com> |
Remove implementation of deprecated RecoveryController methods.
Bug: 78021839
Test: manual
Change-Id: I8a8a23f1cc14e7b9ffe1e758b6f35906d1a5cf2f
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 3990ee1c9fcd8f801220edec94e6bef3009809b5 |
|
11-Apr-2018 |
Jeff Sharkey <jsharkey@android.com> |
Clean up APIs before declaring API 28.
As part of finalizing an SDK, we need to ensure that no new APIs are
marked @Deprecated, since they're typically cleanup that someone
forgot to finish.
Someone forgot to replace Slice.getTimestamp() with Slice.getLong().
Bug: 77588754
Test: builds, boots
Exempt-From-Owner-Approval: SDK finalization
Change-Id: Ic0ec91a43d161a69c1e840c42046ad500b7aeca0
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| b95c90ce2d10a93c680b2ddbdf7ad61feb3abf5a |
|
10-Apr-2018 |
Bo Zhu <bozhu@google.com> |
Add an API to check whether the recoverable keystore is enabled
Bug: 77690455
Test: It builds
Change-Id: I94be0e341d8a3e0fa9a5f9af8beda60e08a449e8
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 4147a83ae5709bdb22986b49798f05488e4579f1 |
|
06-Apr-2018 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Revert "Remove deprecated RecoveryController API."" into pi-dev
|
| c157e21249b01cca18e6712d69c719f245db51a7 |
|
06-Apr-2018 |
Robert Berry <robertberry@google.com> |
Revert "Remove deprecated RecoveryController API."
This reverts commit 0d55aa387a4ec65899fc82a1391e5533c85c3edb.
Reason for revert: aps_sidecar binary is still using some of these @removed APIs. Although HEAD of auth_folsom is fixed, aps_sidecar burned in framework is old.
Bug: 77629807
Change-Id: I2f03c7d12de30cc2eebd91bb65646caaa00fcd1d
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| ce70473a89325bbc11f81d0fc530888d8782fbea |
|
04-Apr-2018 |
Dmitry Dementyev <dementyev@google.com> |
Merge "Remove deprecated RecoveryController API." into pi-dev
|
| 23174b7eaeb93918451c36bbbfad94bafd44bdd6 |
|
03-Apr-2018 |
Aseem Kumar <aseemk@google.com> |
Throw ServiceSpecificException if calling app tries to initialize
certificates with lower version. Earlier, the code just returned
silently, giving no indication that updating certs failed.
Change-Id: I3eb1b9f423791a655b47b3e76c20a170e2b632c0
Bug: 77533356
Test: runtest frameworks-services -p
com.android.server.locksettings.recoverablekeystore
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 0d55aa387a4ec65899fc82a1391e5533c85c3edb |
|
02-Apr-2018 |
Dmitry Dementyev <dementyev@google.com> |
Remove deprecated RecoveryController API.
1) Mark all deprecated methods as removed.
Bug: 74944591
Test: atest RecoveryControllerHostTest
Change-Id: I2dd88d2ba0b9fb254327ee85b9d983ab10eb061b
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 0f23660488737dfd901365edcc0be9c000ebc5a9 |
|
03-Apr-2018 |
Dmitry Dementyev <dementyev@google.com> |
Revert "Throw invalid cert exception when deprecated initRecoveryService method"
This reverts commit 50bc7e42d73c9ca8d77dcd538619c6d6eeaf6dea.
Reason for revert: API is still used by old binary
Change-Id: I3c8348211baa26245786abda6360a8df96e2d223
Bug: 77293264
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 50bc7e42d73c9ca8d77dcd538619c6d6eeaf6dea |
|
31-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Throw invalid cert exception when deprecated initRecoveryService method
is used.
Throw unsupported operation exception when older version of RecoveryController is used.
Bug: 77293264
Test: atest RecoveryControllerHostTest
Change-Id: I0003104a4305444fac0092f4f6929545cf7c9413
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 41d2dd2f266eb8dc50afcda253f04f1c7e9ccc0e |
|
30-Mar-2018 |
Bo Zhu <bozhu@google.com> |
Expose e.getMessage() from the exceptions in RecoverableKeyStore
Bug: 77327780
Test: runtest frameworks-services -p \
com.android.server.locksettings.recoverablekeystore
Change-Id: Ibf04d6405e6468bfdfef0a8cb8e6e96bffbbf3a2
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 912853be102cc854f77d25f0946f4e6435b100b9 |
|
30-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Merge "Remove deprecated generateAndStoreKey method implementation" into pi-dev
|
| 93f38d7b3a5bda2bd9bcc7def67936370b40e306 |
|
29-Mar-2018 |
Robert Berry <robertberry@google.com> |
Update RecoveryController JavaDoc
Try to encode as many requirements as possible into the Recovery Agent
JavaDoc.
Bug: 70900575
Test: None, it is documentation
Change-Id: Iae05be24fa29d885f560943f256fd8d7ca692cf7
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 86f5bb1a8cfe2d169767fb723d315955dda3a0e6 |
|
28-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Remove deprecated generateAndStoreKey method implementation
Bug: 77156834
Test: GTS, apct.
Change-Id: I23791fced21308467afc60cc16efc4aee7074134
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 16d9db57f513eb13eeb2486d2d4770f59faf5550 |
|
26-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Use Builder instead for KeyChainProtectionParams.
Use Builder to create KeyChainSnapshot it tests.
Bug: 75952916
Test: apct
Change-Id: I5ab8c864a7ccc55dafa40867ec4364a705738d86
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 0bbaf189c259f7d3154737c4284023921dc821b0 |
|
24-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Add more NonNull annotations to RecoveryController API
Bug: 73959762
Test: none
Change-Id: I648c20a099d4ac1c002f4f467d7189a8bc019560
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 73b7722c13ecc8eaf1d6439e4537cb7e10f53405 |
|
23-Mar-2018 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Do not throw KeystoreException for when a key does not exist" into pi-dev
|
| 364dbf1c9e695e339508fda9184fba797ed5491a |
|
23-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Merge "Update RecoverableKeyStoreManager methods to throw NullPointerException when null is passed as @NonNull argument." into pi-dev
|
| 72f5755721ad22d4711e9e9cc8ef6107db91466a |
|
23-Mar-2018 |
Robert Berry <robertberry@google.com> |
Do not throw KeystoreException for when a key does not exist
Bug: 75955240
Test: manual
Change-Id: Ibd2f4d7cd654752b69d2d22e803d4d1cc05c118f
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 933dfc1cd6041d1e77d169be91818d5b31e36edc |
|
23-Mar-2018 |
Aseem Kumar <aseemk@google.com> |
Delete unimplemented APIs from RecoveryController.
Bug: 74859770
Test: make update-api builds
Change-Id: Ic547e0ee2ef13995389a71369ffa736a7d83b78a
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 1e6a9dcecb92b4a9a8d3c60372821ba7cd830873 |
|
21-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Update RecoverableKeyStoreManager methods to throw NullPointerException when null is passed as @NonNull argument.
Mark serverParams as nullable. Null value can be used to prevent new
snapshots creation.
Bug: 73959762
Test: Test: adb shell am instrument \
-w -e package com.android.server.locksettings.recoverablekeystore \
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I5c6ddd696b2882b3d27978b0146ff419bedaf5ee
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| c6bd1855656168119ab4ac62cbf0e7930551e846 |
|
22-Mar-2018 |
Robert Berry <robertberry@google.com> |
Merge "Unhide RecoveryController#getRootCertificates()" into pi-dev
|
| 93d002ca5f94facfec75359999c910f914d7b7c4 |
|
21-Mar-2018 |
Robert Berry <robertberry@google.com> |
Unhide RecoveryController#getRootCertificates()
This is so we can add a GTS test to affirm that GMS devices include the
Google Cloud Key Vault root certificate.
Test: runtest frameworks-core -p android.security.keystore.recovery
Bug: 74621045
Change-Id: Ib6431f5739f3dff066832e6aa300dd9da5bc0727
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| c5ab69469d53ffc5b55e91c5374da8b03dd4661c |
|
21-Mar-2018 |
Bo Zhu <bozhu@google.com> |
Small fix for the key grant alias used in importKey
Bug: 74345822
Test: atest RecoveryControllerHostTest#testImportKey_ValidKey
Change-Id: I54812b3d7465ee508fe48886f5897470fe7455a0
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 4a5c87def075c805d4fcae7ff01dd2e78ec27b1a |
|
19-Mar-2018 |
Robert Berry <robertberry@google.com> |
Add RecoverySession importKeyChainSnapshot method
This imports the keys directly into the keystore of LockSettingsService,
allowing them to be accessed via the RecoveryController getKey method.
This is better as it does not expose raw key material to any app.
Bug: 74345822
Test: runtest frameworks-services -p \
com.android.server.locksettings.recoverablekeystore
Change-Id: I4991b0cff1d2fa2e5bd0b53a71c096499e93e98b
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| c1742e51378c3ec99a0e5df14dc0c77bcca0d16a |
|
12-Mar-2018 |
Aseem Kumar <aseemk@google.com> |
Unhide getKey() and importKey() and the whole class of RecoveryController.
Added @RequiresPermission(android.permission.RECOVER_KEYSTORE) on all
public APIs of RecoveryController.
Bug: 73900159
Test: adb shell am instrument -w -e package \
com.android.server.locksettings.recoverablekeystore \
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I1047c038603869307d7a2462a2e5635fcd1c94c2
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 7f414d94fc4f6bd34325f3865b51e8d11acb52ad |
|
28-Feb-2018 |
Bo Zhu <bozhu@google.com> |
Check the public-key signature of the whole certificate file before
accepting the certificates
This change requires an additional param to the initRecoveryService()
API to take in the public-key signature.
Bug: 73904566
Test: adb shell am instrument -w -e package \
com.android.server.locksettings.recoverablekeystore \
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I2aeead1fda51b6cd8df71ed3b5066342ebc8d5ea
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 5240541e0173116bf0a088241057ad2e63fc9113 |
|
28-Feb-2018 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Remove @removed from APIs still in use"
|
| 5af199c56e2723f0eb98027644a1e3486f22ef18 |
|
28-Feb-2018 |
Robert Berry <robertberry@google.com> |
Remove @removed from APIs still in use
I completely misunderstood this annotation.
Bug: 73962883
Test: ran unit tests
Change-Id: Id3e3863fc6fd1e0614a3c75d25cd35239667eaf0
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 2c8e5383c836d2dfa39b0be6bfa281285667a880 |
|
27-Feb-2018 |
Bo Zhu <bozhu@google.com> |
Add a new API to import a key provided by the caller, such that this key
can also be synced to the remote service
This API may be useful for backward-compatibility work, e.g., recovering
a key that's backed up in Android Q+ to Android P without updating the
Android P Frameworks code. This API may also be useful for other use cases.
Bug: 73785182
Change-Id: I1022dffb6a12bdf3df2022db5739169fcc9347d2
Test: adb shell am instrument -w -e package \
com.android.server.locksettings.recoverablekeystore \
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| beafcb50d4f963421bac7e84a4f47f68a8b5e4b6 |
|
26-Feb-2018 |
Robert Berry <robertberry@google.com> |
Fix minor documentation issues in RecoveryController
Test: none, just doc updates
Change-Id: I7d2152f788a65162d72dbd9970230a9a07034014
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| a3b994798d870244f11b56ae0bdfb870924402a8 |
|
23-Feb-2018 |
Robert Berry <robertberry@google.com> |
Remove account param from generateKey method
Bug: 73811828
Test: runtest frameworks-services -p
com.android.server.locksettings.recoverablekeystore
Change-Id: If2f4174beea9cfb8c852139a7594815c377dbe7a
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| f34ad9509df18aff1f36123b839c62003216245c |
|
25-Feb-2018 |
Robert Berry <robertberry@google.com> |
Merge "Remove packageName from getRecoveryStatus"
|
| 01468dae197a2b8d5d6e836d92c6582abf81f425 |
|
23-Feb-2018 |
Robert Berry <robertberry@google.com> |
Merge "Make it possible to construct a RecoverySession"
|
| 56f06b4d111f99f72d4232b43037fea2f6246e7d |
|
23-Feb-2018 |
Robert Berry <robertberry@google.com> |
Remove packageName from getRecoveryStatus
This parameter is unused.
Bug: 73757432
Test: runtest frameworks-services -p
com.android.server.locksettings.recoverablekeystore
Change-Id: I153a84d71b0ebaed8ce3a1f0f33c70036dd960b2
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| e04e09ad87c218e1ddb66ac78e95af66cb0452ff |
|
22-Feb-2018 |
Robert Berry <robertberry@google.com> |
Make it possible to construct a RecoverySession
These methods are currently inaccessible.
Bug: 73763265
Test: it builds
Change-Id: I8358a8084e1c4fa96b1fe599ef6b17d6196d6a12
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| bbe02ae8a3dd07989d61bbb739bfd863123c5489 |
|
20-Feb-2018 |
Robert Berry <robertberry@google.com> |
Remove package name parameter from setRecoveryStatus
Package name is implicit. Recovery agent can only act for the same uid.
Bug: 73757432
Test: runtest frameworks-services -p
com.android.server.locksettings.recoverablekeystore
Change-Id: I45abf4b956fa4e97d981614d9e61295e85d5669e
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 29b9de5b8a9b38290c2855890ae1f7a93c0b8421 |
|
01-Feb-2018 |
Dmitry Dementyev <dementyev@google.com> |
Update RecoveryController to use KeyStore grant API.
Missing parts:
1) Whitelist locksettingsservice to use grant API.
2) Probably have similar update for recovered keys - they will live in
system service and RecoveryAgent will use getKey() method to access
them.
3) ApplicationKeyStorageTest
Bug: 66499222
Test: adb shell am instrument -w -e package \
com.android.server.locksettings.recoverablekeystore \
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I584b89e3f777bed679b2eb5173750f3f1dee3635
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| b4fb98777006bc3c2bb038d50473663fbc92932c |
|
26-Jan-2018 |
Dmitry Dementyev <dementyev@google.com> |
Rename RecoveryController.getRecoveryData() to getKeyChainSnapshot.
Bug: 72299798
Test: adb shell am instrument -w -e package
com.android.server.locksettings.recoverablekeystore
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I1a530414d255867786142fa2e01e50469379e295
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| f8ae5deba2911b7bc8441df31c0504eaaa687add |
|
09-Jan-2018 |
Dmitry Dementyev <dementyev@google.com> |
Unhide RecoverableKeyStoreLoader API.
Bug: 66499222
Test: GTS tests under development
Change-Id: I4285beaa26bc94d92f6213a34eb1e41ad0994d7a
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 0916e7ca44aba5e6c89d75007da805697fdace9e |
|
23-Jan-2018 |
Dmitry Dementyev <dementyev@google.com> |
Prepare KeyStore RecoveryController API for review.
- set/get recovery status simplification
- adding account to WrappedKey
- moving recovery methods to the Session class.
There are small cosmetical changes to .aidl which don't affect
implementation logic.
Bug: 72299798
Test: adb shell am instrument -w -e package
com.android.server.locksettings.recoverablekeystore
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I9efaa4cde42cf778bb97ed13f62750a65d8c6cb5
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
| 81ee34bf957dffe020442e3f0c6c06817397ebf0 |
|
23-Jan-2018 |
Robert Berry <robertberry@google.com> |
Move APIs to final location in preparation for API review
Leave old APIs in current location for backwards compatibility reasons.
Bug: 72298565
Test: Tried flow with current versions of GMSCore to ensure they work still
Change-Id: Iafc2b8ad8a574460dbb2482a67935debe71f1113
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|